ON SOME PERMUTATION POLYNOMIALS OVER ¥ q 
OF THE FORM x r h(x {q ~ l)/d ) 



MICHAEL E. ZIEVE 

Abstract. In a recent paper, Akbary and Wang gave a sufficient 
condition for x u + x r to permute ¥ q , in terms of the period of 
a certain sequence involving sums of cosines. As an application 
they gave necessary and sufficient conditions in case u, r, q satisfy 
certain special properties. We show that the Akbary- Wang suf- 
ficient condition follows from a more general sufficient condition 
which does not involve sums of cosines. This leads to vastly sim- 
pler proofs of the Akbary- Wang results, as well as generalizations 
to polynomials of the form x r h(x^ q ~ 1 ^ d ). 



1. Introduction 

A polynomial over a finite field is called a permutation polynomial if 
it permutes the elements of the field. These polynomials first arose in 
work of Betti [3] , Mathieu [23] and Hermite [19] as a way to represent 
permutations. A general theory was developed by Hermite [19] and 
Dickson [12], with many subsequent developments by Carlitz and oth- 
ers. The study of permutation polynomials has intensified in the past 
few decades, due both to various applications (e.g., [H QUI EH |2S]) and 
to an increasing appreciation of the depth of the subtleties inherent to 
permutation polynomials themselves (for instance, work on permuta- 
tion polynomials led to a bound on the automorphism group of a curve 
with ordinary Jacobian [IS]). 

The interesting aspect of permutation polynomials is the interplay 
between two different ways of representing an object: combinatorially, 
as a mapping permuting a set, and algebraically, as a polynomial. This 
is exemplified by one of the first results in the subject, namely that 
there is no permutation polynomial over W q of degree q — 1 if q > 2 [19"] . 
Much recent work has focused on low-degree permutation polynomials, 
as these have quite remarkable properties: for instance, a polynomial of 
degree at most g 1 / 4 which permutes ¥ q will automatically permute ¥ q n 
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for infinitely many n. The combined efforts of several mathematicians 
have led to a handful of families of such polynomials, and to an avenue 
towards proving there are no others [T^fTTl[8lfTit[^[^[^fl5lfT6|fT7]. 

A different line of research focuses not on the degree of a permutation 
polynomial but instead on the number of terms. The simplest class of 
nonconstant polynomials are the monomials x n with n > 0, and one 
easily checks that x n permutes ¥ q if and only if n is coprime to q — 1. 
However, for binomials the situation becomes much more mysterious. 
Despite the attention of numerous authors since the 1850's (cf., e.g., 
IllilllEElElESESlEZlEniEniESlEl the known results seem 
far from telling the full story of permutation binomials. This brings 
us to the present paper. In the recent paper [3], Akbary and Wang 
considered binomials of the form f(x) = x u + x r with u > r > 0. They 
gave sufficient conditions for / to permute ¥ q in terms of the period of 
the sequence (a n mod p), where p is the characteristic of ¥ q and, with 
d := (q - 1)/ gcd(g - 1, u - r), 



(One can show that every a n is an integer.) 

As an application, they gave necessary and sufficient conditions for 
x u + x r to permute ¥ q in the two special cases 



The proofs in j3] relied on facts about the coefficients of Chebychev 
polynomials, Hermite's criterion, properties of recursive sequences, la- 
cunary sums of binomial coefficients, and various unpublished results 
about factorizations of Chebychev polynomials, among other things. 
In this paper we give vastly shorter and simpler proofs which avoid all 
these ingredients, and which yield more general results. In particular, 
we will show that the sequence a n does not play an essential role for 
these results, and in fact stating results in terms of a n obscures the 
essence of the situation. 

We will prove the following sufficient condition for permutation bi- 
nomials, in which (for any d > 0) fid denotes the set of d th roots of 
unity in the algebraic closure of ¥ q : 

Theorem 1.1. Pick u > r > and a G F* Write s := gcd(w — r, q — 1) 
and d := (q — l)/s. Suppose that (r/ + a/77) f or every 77 G fi2d- 

Then x u + ax r permutes ¥ q if and only if —a fid and gcd(r, s) = 1 
and gcd(2d, u + r) < 2. 



d-l 




(1) p = 1 (mod d) and d \ log p g. 

(2) p = -1 (mod d). 
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We emphasize that this condition applies to arbitrary binomials, un- 
like the condition in [3] which only applied to binomials with both 
coefficients being 1. Superficially the condition in [3J looks quite dif- 
ferent from Theorem ll.il since the former requires a constraint on the 
period of (a n mod p); however, in Section [3] we will show that the hy- 
potheses of Theorem 11.11 are satisfied whenever the hypotheses of [3J 
Thm. 1.1] are satisfied. We note further that, for both theoretical and 
practical purposes, our hypotheses are easier to test than those in [3J. 

In the forthcoming paper [TJ, the two families of permutation bino- 
mials from [3J are generalized to families of permutation polynomials 
of the form x r (l + x s + x 2s + • • • + x ks ), with similar proofs to those in 
[3j. We now exhibit two vastly more general families of permutation 
polynomials which include the polynomials from [3J and pQ as quite 
special cases. 

Theorem 1.2. Let d, r > satisfy d \ (q — 1). Suppose that q = q™ 
where q = 1 (mod d) and d \ m, and pick h e F ?0 [x]. Then f(x) : = 
x r h(x( g ~ 1 " d ) permutes ¥ q if and only ifgcd(r, (q — l)/d) = 1 and h has 
no roots in fid- 

This is equivalent to a forthcoming result of Laigle-Chapuy [21\; 
our proof is significantly simpler than that in [21]. The first class of 
permutation binomials from [3] is the special case that qo = p and 
h = x e + 1, where gcd(e, d) = 1. 

In our next result we use the notation hk(x) := x k ~ 1 + x k ~ 2 + • • • + 1. 

Theorem 1.3. Pick integers t > and r,v,k,£ > 0, and put s : = 
gcd(g — 1, v), d := (q — l)/s, and d := dj gcd(<i, t — 1). Suppose that 
Q = > where m is even and qo = —1 (mod d). Pick h G IF 90 [a;] and 
let h := hk(xyh(h£(x) do ) . Then f := x r h(x v ) permutes ¥ q if and only 
if gcd(r, s) = 1, gcd(2r + (k — l)tv, 2d) = 2 and h has no roots in fid- 

The second class of permutation binomials from [3] is the special case 
that qo = p and h = h 2 . 

Notation: Throughout this paper, q is a power of the prime p, and 
fj,d denotes the set of d th roots of unity in the algebraic closure of F 9 . 
Also, h k (x) := x^ 1 + x k ~ 2 H hi. 

2. Proofs 

We begin with a simple lemma reducing the question whether a 
polynomial permutes ¥ q to the question whether a related polynomial 
permutes a particular subgroup of F*. 
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Lemma 2.1. Pick d, r > with d \ (g — 1), and let h G F g [x]. TTien 
/(x) := x r h(x^ q ~ 1 '' d ) permutes ¥ q if and only if both 

(1) gcd(r, (q — l)/d) = 1 and 

(2) x r h(x)( q ~ 1 ^ d permutes [id- 
Proof. Write s := (g — l)/d. For £ G // s , we have f((x) = ( r f(x). 
Thus, if / permutes ¥ q then gcd(r, s) = 1. Conversely, if gcd(r, s) = 1 
then the values of / on ¥ q consist of all the s th roots of the values of 

f(x) s = x rs h(x s y. 

But the values of f(x) s on ¥ q consist of f(0) s = and the values of 
g(x) := x r h(x) s on (¥*) s . Thus, / permutes ¥ q if and only if g is 
bijective on (F*) s = □ 

Remark. A more complicated criterion for / to permute ¥ q was given 
by Wan and Lidl [3H Thm. 1.2]. 

The difficulty in applying Lemma [2TT1 is verifying condition (2). Here 
is one situation where this is easy: 

Corollary 2.2. Pick d,r,n > with d \ (q — 1), and let h G ¥ q [x]. 
Suppose = ( n for every £ G Then f(x) := x r h(x( q ~ 1 '' d ) 

permutes ¥ q if and only if gcd(r + n,d) = gcd(r, (g — l)/d) — 1. 

Our next results give choices for the parameters satisfying the hy- 
potheses of Corollary | 



Theorem 2.3. Let d, r > satisfy d \ (q — 1). Suppose that q = 
q™ where q = 1 (mod d) and d | m, and picA; /i G F go [x]. Then 
f(x) := x r h{x^ q ~ 1 >' d ) permutes ¥ q if and only if h has no roots in fi^ 
and gcd(r, (q — l)/d) = 1. 

Proof. We may assume gcd(r, (g — l)/d) = 1, since otherwise / does 
not permute ¥ q (by Lemma [2. ip . Since go = 1 (mod d), we have 

Hence go — 1 divides (q d — l)/d, which divides (g — l)/d; since d | (go — 1), 
it follows that d divides (g — l)/d, so since gcd(r, (g — l)/d) = 1 we 
have gcd(r, q — 1) = 1. 

For ( G fid we have £ G F go , so h(() G ¥ qo . Since /(0) = 0, if / 
permutes ¥ q then h(() ^ 0. Conversely, if h(() ^ then (since g — 1 
divides (g — l)/d) we have h{C > Y q ^ 1 ^ d = 1. Now the result follows from 
Corollary O (with n = d). □ 
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Remark. Theorem 12.31 is a reformulation of a result from [21] , which 
contains a different proof. (Note that Thm. 4.3] is false, a coun- 
terexample being P = x 3 + x over F 3 ; to correct it one should remove 
the polynomials P.) 

We now exhibit some polynomials h for which we can determine 
when h has roots in fid- 

Corollary 2.4. Pick positive integers d,e,r,k,t with d \ (q — 1) and 
gcd(d,e) = 1. Suppose that q = q™ where g = 1 (mod d) and d \ m. 
Then f(x) := x r hk(x e ( q ~ 1 >/ d ) t permutes ¥ q if and only if gcd(k,pd) = 
gcd(r, (q - l)j d) = 1. 

Remark. The case that qo = p, k = 2, and t = 1 was treated in [3]. The 
case that qo = p, t = e = 1, and both q and d are odd was treated in 
[I]. The results in both [5] and PP involved the superfluous condition 
gcd(2r + (k - l)es,d) = 1. 

Theorem 2.5. Pick integers t > and r,v,k,£ > 0, and put s : = 
gcd(g — 1, v), e := v/s, d := (g — l)/s, and do := dj gcd(d, I — 1). 
Suppose that q = q™, where m is even and go = —1 (mod d). Pick h G 
F go [x], and let h{x) := hk(xYh(h£(x) d °) . Then f := x r h(x v ) permutes 
¥ q if and only if gcd(r, s) = 1, gcd(2r + (k — l)tv, 2d) = 2 and h has 
no roots in ^id- 
Proof. Our hypotheses imply the divisibility relations 

9-1 



a 1 - ^ 



<?o + l 



d 



g + i 

We may assume h(x e ) has no roots in fid, since otherwise Lemma 12.11 
implies / does not permute ¥ q ; since gcd(d, e) = 1, this says h has no 
roots in fid. Hence h(ht{x) d °) has no roots in fid- For ( G fid\ fJ>i, the 
hypothesis d | (g + 1) implies C 90 = 1/C> so 

'C £ -i\ 90 r £ -i MO 



MO 



c _ i j c -i _ i c /-i ' 

hence /i £ (C) do<?0 = M0 d °> so MO* e F 9o . Also M 1 ) G F go . Thus, for 
any £ G /id we have h(hi(( e ) d °) G F* Q . Since (g — 1) | s, we conclude 

that /i(C e ) s = h h {C) ts - As above, h fc (0* (<Zo_1) = 1/C* (fc_1) , so /i(C) s = 
l^e{k-i)ts/{ qo -i) ^ wrience result follows from Corollary 12.21 □ 

Remark. There would be counterexamples to Theorem 12.51 if we did 
not require m even; such examples necessarily have d = 2. Also, The- 
orem 12.51 immediately generalizes to the case that h is the product of 
several polynomials of the same shapes as the two factors of h described 
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in the theorem, and moreover we may replace h by any polynomial con- 
gruent to it modulo x d — 1. 

Corollary 2.6. Pick positive integers t,d,e,r,k with d | (q — 1) and 
gcd(d, e) = 1, and put s :— (q — l)/d. Suppose that q = q™ where m is 
even and go = —1 (mod d). Then f(x) := x r hf : (x e ^ 9 ~ 1 ^ d ) t permutes ¥ q 
if and onlyifgcd(r,s) = gcd(k,pd) = 1 and gcd(2r+(k—l)tes,2d) = 2. 

Remark. The hypotheses of Corollary 12.61 are satisfied whenever d is 
an odd prime divisor of q — 1 such that p has even order modulo d. 
The case that d = 7, t = 1, and k = 2 was treated in [2], although the 
result in [2] includes the superfluous condition 2 s = 1 (mod p) . The 
case that qo = p, t = 1, and k = 2 was treated in [3]. The case that 
go = Pi t = e = 1, and both g and d are odd was treated in pQ. 

Now we prove a general sufficient criterion for permutation binomi- 
als: 

Theorem 2.7. Picku > r > and a G F*. Write s := gcd(w — r, q — 1) 
and d := (g — l)/s. Suppose that (n + a/77) G /x s /or ewer?/ n G /i2d. 
Taen x" + ax r permutes ¥ q if and only if —a pd and gcd(r, s) = 1 
and gcd(2d, u + r) < 2. 

Proof. Write e := (n — r)/s, so gcd(e, d) = 1. By Lemma [2TTI /(x) : = 
x u + ax r permutes ¥ q if and only if gcd(r, s) = 1 and g(x) := x r (x e + a) s 
permutes pd- In particular, if x u + ax r permutes ¥ q then g has no roots 
in p d , or equivalently —a ^ Henceforth we assume gcd(r, s) = 1 
and —a ^ /id, so / permutes ¥ q if and only if g is injective on 
This condition is equivalent to injectivity of g(x 2 ) on p 2 d/ '^2- But for 
7] G fi2d we have 

S (r, 2 ) = n 2 '( V 2 ' + a)' 
= r] 2r+es 

Finally, x 2r+es is injective on p 2 d/ A*2 if and only if gcd(2r + es, 2d) < 2; 
since 2r + es = u + r, this completes the proof. □ 

Theorem 12 . 71 can be generalized (with the same proof) to polynomials 
with more terms: 

Theorem 2.8. Pick r,e,d,t > where d | (g — 1) and gcd(e, d) = 1. 
Put h = x t h(x d ) where h G F g [x]. Pick a G F*. Suppose that every 
V G Pd S cd(2,d) satisfies both 77 + 0/77 G Pt( q -i)/d and h{{rf e + a) d ) G 
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H{ q -i)/d- Then f(x) := x r h(x e ( q ~ 1 ^ d + a) permutes ¥ q if and only if 
gcd(2r + et(q — l)/d, d) — 1 and gcd(r, (q — l)/d) = 1. 



3. Permutation binomials and generalized Lucas 

sequences 

In this section we explain how our sufficient condition for permuta- 
tion binomials (Theorem 12. 7j) implies the analogous condition from [3], 
namely [31 Thm. 1.1]. Some preliminary steps are needed in order to 
state Thm. 1.1]. 

It is easy to show that if f(x) := x r + x u (with < r < u) permutes 
¥ q then f(x) = x r (l + x es ), where 

(*) sd = q — 1, gcd(r, s) = gcd(e, d) = 1, d odd, and r,e,s > 0. 

Conversely, with p denoting the characteristic of ¥ q , [31 Thm. 1.1] says 

Theorem 3.1. Forq, s, d, r, e as in (*), the binomial f (x) = x r (l+x es ) 
permutes ¥ q if gcd(2r + es, d) = 1, 2 s = 1 (mod p), and the sequence 

7r(2f-l)\" 

consists of integers satisfying a n = a n+s (mod p) for every n > 0. 

Suppose the hypotheses of this result are satisfied, and put ( = 
exp(Tci/d). Then 



d-1 




T7 d =— 1 



Note that the hypotheses of Theorem 13.11 imply q odd (since s > 
and 2 s = 1 (modp)). Also, we now see that a n e Z[£] and that a n 
is fixed by every element of Gal(Q(C)/Q), so a n G Q n Z[(] = Z. Let 
( denote a fixed primitive (2<i) th root of unity in ¥ q , and let ip be the 
homomorphism Z[£] i— > F g which maps C ^ C- Then if)(a n ) = o n 
(mod p), so the condition a n = a n+s (mod p) is equivalent to 



s 
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This condition holds for all n > if and only if 








for every P G ¥ q [x]. Pick representatives 771, rj 2 , . . . , /7(d-i)/2 for the 
equivalence classes of fi 2 d \ {fJ>d U ^2) under the equivalence relation 
f] ~ Then the values T]i + are distinct elements of ¥ q , so 

there are polynomials P G ¥ q taking any prescribed values at all the 
rji + l/rji. In particular, choosing P to be zero at all but one of these 
elements, it follows that 



for every rj such that r] d = — 1 but 77 7^ — 1. The hypotheses of The- 
orem [3J] imply that s is even and 2 s = 1 (mod p), so ([1]) holds for 
r) = —1. Moreover, since d odd and s even, the fact that ([T|) holds 
when 7] d = — 1 implies that ([1]) holds when rj d = 1 as well. 

Thus, whenever the hypotheses of Theorem 13.11 hold, we will have 
(77 + l/r]) s = 1 for every rj G fad- Since the latter is precisely the 
hypothesis of Theorem 12.71 in case a = 1, we see that Theorem 12.71 
implies Theorem 13.11 
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